Ransomware Attack on Gedco by Sarcoma Group
Incident Date:
October 9, 2024
Overview
Title
Ransomware Attack on Gedco by Sarcoma Group
Victim
Gedco
Attacker
Sarcoma
Location
First Reported
October 9, 2024
Ransomware Attack on Gedco by Sarcoma Group
In a recent cyberattack, Gedco, a Canadian company based in Calgary, Alberta, has fallen victim to the ransomware group known as "Sarcoma." This incident highlights the growing threat posed by this newly emerged cybercriminal organization, which has already targeted over 30 entities globally.
About Gedco
Gedco is a medium-sized enterprise employing approximately 128 individuals. The company specializes in the development and application of geophysical software, serving industries such as oil and gas, mining, and environmental studies. Founded in 1990, Gedco is recognized for its innovative software solutions and commitment to client-driven services. This focus on technological advancement and customer service has established Gedco as a reputable name within its sector.
Attack Overview
The ransomware attack on Gedco was orchestrated by Sarcoma, a group that has quickly gained notoriety for its aggressive tactics and significant data breaches. Sarcoma's modus operandi involves data exfiltration and a double extortion strategy, where they not only encrypt files but also threaten to leak sensitive information publicly if their demands are not met. Gedco's inclusion on Sarcoma's dark web portal suggests a broader campaign by the group, which is actively being investigated.
About Sarcoma Ransomware Group
Sarcoma is a recently emerged ransomware group that has distinguished itself through its aggressive approach and lack of publicly listed ransom demands. Instead, the group leverages data leaks as a primary means of coercion, promoting itself as a means to highlight poor security practices among organizations. Sarcoma's operations have primarily targeted industries in the USA, Canada, Australia, and Spain, with a diverse range of victims across different sectors.
Potential Vulnerabilities
Gedco's focus on technological innovation and its role in the geophysical sector may have made it an attractive target for Sarcoma. The company's reliance on advanced software solutions could present vulnerabilities that threat actors like Sarcoma exploit. The attack underscores the importance of cybersecurity measures, particularly for companies operating in technology-driven industries.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.